static NTSTATUS dcesrv_lsa_Close(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_Close *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct dcesrv_handle *h;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
*r->out.handle = *r->in.handle;
DCESRV_PULL_HANDLE(h, r->in.handle, DCESRV_HANDLE_ANY);
static NTSTATUS dcesrv_lsa_GetUserName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_GetUserName *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
NTSTATUS status = NT_STATUS_OK;
const char *account_name;
const char *authority_name;
struct lsa_String *_account_name;
struct lsa_String *_authority_name = NULL;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
/* this is what w2k3 does */
r->out.account_name = r->in.account_name;
r->out.authority_name = r->in.authority_name;
NTSTATUS dcesrv_lsa_OpenPolicy2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_OpenPolicy2 *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
NTSTATUS status;
struct lsa_policy_state *state;
struct dcesrv_handle *handle;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
ZERO_STRUCTP(r->out.handle);
if (r->in.attr != NULL &&
NTSTATUS dcesrv_lsa_OpenPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_OpenPolicy *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct lsa_OpenPolicy2 r2;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
r2.in.system_name = NULL;
r2.in.attr = r->in.attr;
r2.in.access_mask = r->in.access_mask;
TALLOC_CTX *mem_ctx,
struct lsa_LookupSids2 *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct lsa_policy_state *state;
struct dcesrv_handle *h;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
NTSTATUS dcesrv_lsa_LookupSids(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LookupSids *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct lsa_LookupSids2 r2;
NTSTATUS status;
uint32_t i;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
ZERO_STRUCT(r2);
r2.in.handle = r->in.handle;
TALLOC_CTX *mem_ctx,
struct lsa_LookupNames3 *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct lsa_policy_state *policy_state;
struct dcesrv_handle *policy_handle;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
policy_state = policy_handle->data;
TALLOC_CTX *mem_ctx,
struct lsa_LookupNames2 *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct lsa_policy_state *state;
struct dcesrv_handle *h;
uint32_t i;
struct loadparm_context *lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
struct lsa_RefDomainList *domains;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
*r->out.domains = NULL;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
NTSTATUS dcesrv_lsa_LookupNames(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LookupNames *r)
{
+ enum dcerpc_transport_t transport = dce_call->conn->endpoint->ep_description->transport;
struct lsa_LookupNames2 r2;
NTSTATUS status;
uint32_t i;
+ if (transport != NCACN_NP && transport != NCALRPC) {
+ DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
+ }
+
ZERO_STRUCT(r2);
r2.in.handle = r->in.handle;